npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

nalth

v0.9.0

Published

Security-first unified toolchain for the web - dev, build, test, lint, fmt, and secure package management all in one

Downloads

223

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

robbin-devrobbin-dev

Keywords

security-firstunified-toolchainvite-plusframeworksecurityhmrcspsriauditvitesteslintprettiertestinglintingformattingtask-runnersecure-installtyposquattingvulnerability-scanningsecurity-headerssecurity-reportsecurity-auditdev-serverbuild-toolsecure-buildnalth

Readme

banner

🛡️ Nalth.js

The Security-First Unified Toolchain for the Modern Web

Version License Security Level

Welcome to Nalth, the world's first security-first web development framework. Built on TypeScript and powered by a security-enhanced Vite.js foundation, Nalth makes enterprise-grade security effortless while maintaining lightning-fast development speeds.

⚡ Unified Toolchain

Everything you need in one unified interface. No more configuration hell or fragmented tools.

# Complete development workflow in one tool:
nalth dev          # 🚀 Start dev server with auto-HTTPS
nalth build        # 📦 Production-grade secure build
nalth test         # 🧪 Unit & E2E testing via Vitest
nalth lint         # 🔍 Security-aware linting (ESLint + Security)
nalth fmt          # ✨ Professional formatting (Prettier)
nalth run build    # 🏎️ Smart task runner with caching
nalth ui           # 🎨 Advanced security & dev dashboard
nalth lib          # 📚 Secure library bundling
nalth audit        # 🛡️ Deep security dependency scan

🌟 Why Nalth?

🛡️ Security by Design, Not as an Afterthought

Nalth isn't just a build tool; it's a security layer for your entire stack.

  • Auto-HTTPS: Zero-config SSL/TLS certificates for development.
  • CSP Generation: Automatic Content Security Policy management.
  • Security Headers: Standard-compliant HSTS, X-Frame-Options, and more.
  • Vulnerability Shields: Real-time protection against SSRF and SQL Injection.

🚀 Developer Experience (DX) Optimized

  • Vite Native: 100% compatible with the Vite ecosystem and plugins.
  • Instant HMR: Blazing fast hot module replacement.
  • TypeScript First: Deeply integrated type safety throughout the toolchain.

🏗️ Getting Started

Create a professional, secure application in seconds:

npx create-nalth@latest my-secure-app
cd my-secure-app
npm install
nalth dev

📖 Key Features

Secure Package Management

nalth install <package> provides:

  • Typosquatting Detection: Prevention against malicious look-alike packages.
  • Pre-Installation Audits: Scans for known vulnerabilities before files hit your disk.
  • Integrity Verification: Ensures package contents match expected signatures.

Enterprise-Grade Protection

  • OWASP Top 10 Defense: Built-in mitigations for the most common web risks.
  • Secure Fetch: safeFetch prevents SSRF by blocking internal network access.
  • SQL Sanitizer: Tagged templates for safe db queries.

🗺️ Documentation

Explore our comprehensive guides:

🤝 Community & Support

Join the security-first movement:

📄 License

Nalth is MIT licensed — maintained for the modern, secure web.

Nalth: Where Security Meets Velocity. 🛡️⚡